1 /*- 2 * Copyright (c) 2000 Dag-Erling Co�dan Sm�rgrav 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer 10 * in this position and unchanged. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 3. The name of the author may not be used to endorse or promote products 15 * derived from this software without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 18 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 19 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 20 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 21 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 22 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 23 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 24 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 27 * 28 * $FreeBSD$ 29 */ 30 31 /* 32 * The following copyright applies to the base64 code: 33 * 34 *- 35 * Copyright 1997 Massachusetts Institute of Technology 36 * 37 * Permission to use, copy, modify, and distribute this software and 38 * its documentation for any purpose and without fee is hereby 39 * granted, provided that both the above copyright notice and this 40 * permission notice appear in all copies, that both the above 41 * copyright notice and this permission notice appear in all 42 * supporting documentation, and that the name of M.I.T. not be used 43 * in advertising or publicity pertaining to distribution of the 44 * software without specific, written prior permission. M.I.T. makes 45 * no representations about the suitability of this software for any 46 * purpose. It is provided "as is" without express or implied 47 * warranty. 48 * 49 * THIS SOFTWARE IS PROVIDED BY M.I.T. ``AS IS''. M.I.T. DISCLAIMS 50 * ALL EXPRESS OR IMPLIED WARRANTIES WITH REGARD TO THIS SOFTWARE, 51 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 52 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT 53 * SHALL M.I.T. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 54 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 55 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF 56 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 57 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 58 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 59 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 60 * SUCH DAMAGE. 61 */ 62 63 #include <sys/param.h> 64 #include <sys/socket.h> 65 66 #include <ctype.h> 67 #include <err.h> 68 #include <errno.h> 69 #include <locale.h> 70 #include <netdb.h> 71 #include <stdarg.h> 72 #include <stdio.h> 73 #include <stdlib.h> 74 #include <string.h> 75 #include <time.h> 76 #include <unistd.h> 77 78 #include "fetch.h" 79 #include "common.h" 80 #include "httperr.h" 81 82 extern char *__progname; /* XXX not portable */ 83 84 /* Maximum number of redirects to follow */ 85 #define MAX_REDIRECT 5 86 87 /* Symbolic names for reply codes we care about */ 88 #define HTTP_OK 200 89 #define HTTP_PARTIAL 206 90 #define HTTP_MOVED_PERM 301 91 #define HTTP_MOVED_TEMP 302 92 #define HTTP_SEE_OTHER 303 93 #define HTTP_NEED_AUTH 401 94 #define HTTP_NEED_PROXY_AUTH 403 95 #define HTTP_PROTOCOL_ERROR 999 96 97 #define HTTP_REDIRECT(xyz) ((xyz) == HTTP_MOVED_PERM \ 98 || (xyz) == HTTP_MOVED_TEMP \ 99 || (xyz) == HTTP_SEE_OTHER) 100 101 102 103 /***************************************************************************** 104 * I/O functions for decoding chunked streams 105 */ 106 107 struct cookie 108 { 109 int fd; 110 char *buf; 111 size_t b_size; 112 size_t b_len; 113 int b_pos; 114 int eof; 115 int error; 116 long chunksize; 117 #ifndef NDEBUG 118 long total; 119 #endif 120 }; 121 122 /* 123 * Get next chunk header 124 */ 125 static int 126 _http_new_chunk(struct cookie *c) 127 { 128 char *p; 129 130 if (_fetch_getln(c->fd, &c->buf, &c->b_size, &c->b_len) == -1) 131 return -1; 132 133 if (c->b_len < 2 || !ishexnumber(*c->buf)) 134 return -1; 135 136 for (p = c->buf; !isspace(*p) && *p != ';' && p < c->buf + c->b_len; ++p) 137 if (!ishexnumber(*p)) 138 return -1; 139 else if (isdigit(*p)) 140 c->chunksize = c->chunksize * 16 + *p - '0'; 141 else 142 c->chunksize = c->chunksize * 16 + 10 + tolower(*p) - 'a'; 143 144 #ifndef NDEBUG 145 c->total += c->chunksize; 146 if (c->chunksize == 0) 147 fprintf(stderr, "\033[1m_http_fillbuf(): " 148 "end of last chunk\033[m\n"); 149 else 150 fprintf(stderr, "\033[1m_http_fillbuf(): " 151 "new chunk: %ld (%ld)\033[m\n", c->chunksize, c->total); 152 #endif 153 154 return c->chunksize; 155 } 156 157 /* 158 * Fill the input buffer, do chunk decoding on the fly 159 */ 160 static int 161 _http_fillbuf(struct cookie *c) 162 { 163 if (c->error) 164 return -1; 165 if (c->eof) 166 return 0; 167 168 if (c->chunksize == 0) { 169 switch (_http_new_chunk(c)) { 170 case -1: 171 c->error = 1; 172 return -1; 173 case 0: 174 c->eof = 1; 175 return 0; 176 } 177 } 178 179 if (c->b_size < c->chunksize) { 180 char *tmp; 181 182 if ((tmp = realloc(c->buf, c->chunksize)) == NULL) 183 return -1; 184 c->buf = tmp; 185 c->b_size = c->chunksize; 186 } 187 188 if ((c->b_len = read(c->fd, c->buf, c->chunksize)) == -1) 189 return -1; 190 c->chunksize -= c->b_len; 191 192 if (c->chunksize == 0) { 193 char endl[2]; 194 read(c->fd, endl, 2); 195 } 196 197 c->b_pos = 0; 198 199 return c->b_len; 200 } 201 202 /* 203 * Read function 204 */ 205 static int 206 _http_readfn(void *v, char *buf, int len) 207 { 208 struct cookie *c = (struct cookie *)v; 209 int l, pos; 210 211 if (c->error) 212 return -1; 213 if (c->eof) 214 return 0; 215 216 for (pos = 0; len > 0; pos += l, len -= l) { 217 /* empty buffer */ 218 if (!c->buf || c->b_pos == c->b_len) 219 if (_http_fillbuf(c) < 1) 220 break; 221 l = c->b_len - c->b_pos; 222 if (len < l) 223 l = len; 224 bcopy(c->buf + c->b_pos, buf + pos, l); 225 c->b_pos += l; 226 } 227 228 if (!pos && c->error) 229 return -1; 230 return pos; 231 } 232 233 /* 234 * Write function 235 */ 236 static int 237 _http_writefn(void *v, const char *buf, int len) 238 { 239 struct cookie *c = (struct cookie *)v; 240 241 return write(c->fd, buf, len); 242 } 243 244 /* 245 * Close function 246 */ 247 static int 248 _http_closefn(void *v) 249 { 250 struct cookie *c = (struct cookie *)v; 251 int r; 252 253 r = close(c->fd); 254 if (c->buf) 255 free(c->buf); 256 free(c); 257 return r; 258 } 259 260 /* 261 * Wrap a file descriptor up 262 */ 263 static FILE * 264 _http_funopen(int fd) 265 { 266 struct cookie *c; 267 FILE *f; 268 269 if ((c = calloc(1, sizeof *c)) == NULL) { 270 _fetch_syserr(); 271 return NULL; 272 } 273 c->fd = fd; 274 if (!(f = funopen(c, _http_readfn, _http_writefn, NULL, _http_closefn))) { 275 _fetch_syserr(); 276 free(c); 277 return NULL; 278 } 279 return f; 280 } 281 282 283 /***************************************************************************** 284 * Helper functions for talking to the server and parsing its replies 285 */ 286 287 /* Header types */ 288 typedef enum { 289 hdr_syserror = -2, 290 hdr_error = -1, 291 hdr_end = 0, 292 hdr_unknown = 1, 293 hdr_content_length, 294 hdr_content_range, 295 hdr_last_modified, 296 hdr_location, 297 hdr_transfer_encoding, 298 hdr_www_authenticate 299 } hdr; 300 301 /* Names of interesting headers */ 302 static struct { 303 hdr num; 304 const char *name; 305 } hdr_names[] = { 306 { hdr_content_length, "Content-Length" }, 307 { hdr_content_range, "Content-Range" }, 308 { hdr_last_modified, "Last-Modified" }, 309 { hdr_location, "Location" }, 310 { hdr_transfer_encoding, "Transfer-Encoding" }, 311 { hdr_www_authenticate, "WWW-Authenticate" }, 312 { hdr_unknown, NULL }, 313 }; 314 315 static char *reply_buf; 316 static size_t reply_size; 317 static size_t reply_length; 318 319 /* 320 * Send a formatted line; optionally echo to terminal 321 */ 322 static int 323 _http_cmd(int fd, const char *fmt, ...) 324 { 325 va_list ap; 326 size_t len; 327 char *msg; 328 int r; 329 330 va_start(ap, fmt); 331 len = vasprintf(&msg, fmt, ap); 332 va_end(ap); 333 334 if (msg == NULL) { 335 errno = ENOMEM; 336 _fetch_syserr(); 337 return -1; 338 } 339 340 r = _fetch_putln(fd, msg, len); 341 free(msg); 342 343 if (r == -1) { 344 _fetch_syserr(); 345 return -1; 346 } 347 348 return 0; 349 } 350 351 /* 352 * Get and parse status line 353 */ 354 static int 355 _http_get_reply(int fd) 356 { 357 char *p; 358 359 if (_fetch_getln(fd, &reply_buf, &reply_size, &reply_length) == -1) 360 return -1; 361 /* 362 * A valid status line looks like "HTTP/m.n xyz reason" where m 363 * and n are the major and minor protocol version numbers and xyz 364 * is the reply code. 365 * Unfortunately, there are servers out there (NCSA 1.5.1, to name 366 * just one) that do not send a version number, so we can't rely 367 * on finding one, but if we do, insist on it being 1.0 or 1.1. 368 * We don't care about the reason phrase. 369 */ 370 if (strncmp(reply_buf, "HTTP", 4) != 0) 371 return HTTP_PROTOCOL_ERROR; 372 p = reply_buf + 4; 373 if (*p == '/') { 374 if (p[1] != '1' || p[2] != '.' || (p[3] != '0' && p[3] != '1')) 375 return HTTP_PROTOCOL_ERROR; 376 p += 4; 377 } 378 if (*p != ' ' 379 || !isdigit(p[1]) 380 || !isdigit(p[2]) 381 || !isdigit(p[3])) 382 return HTTP_PROTOCOL_ERROR; 383 384 return ((p[1] - '0') * 100 + (p[2] - '0') * 10 + (p[3] - '0')); 385 } 386 387 /* 388 * Check a header; if the type matches the given string, return a 389 * pointer to the beginning of the value. 390 */ 391 static const char * 392 _http_match(const char *str, const char *hdr) 393 { 394 while (*str && *hdr && tolower(*str++) == tolower(*hdr++)) 395 /* nothing */; 396 if (*str || *hdr != ':') 397 return NULL; 398 while (*hdr && isspace(*++hdr)) 399 /* nothing */; 400 return hdr; 401 } 402 403 /* 404 * Get the next header and return the appropriate symbolic code. 405 */ 406 static hdr 407 _http_next_header(int fd, const char **p) 408 { 409 int i; 410 411 if (_fetch_getln(fd, &reply_buf, &reply_size, &reply_length) == -1) 412 return hdr_syserror; 413 while (reply_length && isspace(reply_buf[reply_length-1])) 414 reply_length--; 415 reply_buf[reply_length] = 0; 416 if (reply_length == 0) 417 return hdr_end; 418 /* 419 * We could check for malformed headers but we don't really care. 420 * A valid header starts with a token immediately followed by a 421 * colon; a token is any sequence of non-control, non-whitespace 422 * characters except "()<>@,;:\\\"{}". 423 */ 424 for (i = 0; hdr_names[i].num != hdr_unknown; i++) 425 if ((*p = _http_match(hdr_names[i].name, reply_buf)) != NULL) 426 return hdr_names[i].num; 427 return hdr_unknown; 428 } 429 430 /* 431 * Parse a last-modified header 432 */ 433 static int 434 _http_parse_mtime(const char *p, time_t *mtime) 435 { 436 char locale[64], *r; 437 struct tm tm; 438 439 strncpy(locale, setlocale(LC_TIME, NULL), sizeof locale); 440 setlocale(LC_TIME, "C"); 441 r = strptime(p, "%a, %d %b %Y %H:%M:%S GMT", &tm); 442 /* XXX should add support for date-2 and date-3 */ 443 setlocale(LC_TIME, locale); 444 if (r == NULL) 445 return -1; 446 DEBUG(fprintf(stderr, "last modified: [\033[1m%04d-%02d-%02d " 447 "%02d:%02d:%02d\033[m]\n", 448 tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday, 449 tm.tm_hour, tm.tm_min, tm.tm_sec)); 450 *mtime = timegm(&tm); 451 return 0; 452 } 453 454 /* 455 * Parse a content-length header 456 */ 457 static int 458 _http_parse_length(const char *p, off_t *length) 459 { 460 off_t len; 461 462 for (len = 0; *p && isdigit(*p); ++p) 463 len = len * 10 + (*p - '0'); 464 DEBUG(fprintf(stderr, "content length: [\033[1m%lld\033[m]\n", len)); 465 *length = len; 466 return 0; 467 } 468 469 /* 470 * Parse a content-range header 471 */ 472 static int 473 _http_parse_range(const char *p, off_t *offset, off_t *length, off_t *size) 474 { 475 int first, last, len; 476 477 if (strncasecmp(p, "bytes ", 6) != 0) 478 return -1; 479 for (first = 0, p += 6; *p && isdigit(*p); ++p) 480 first = first * 10 + *p - '0'; 481 if (*p != '-') 482 return -1; 483 for (last = 0, ++p; *p && isdigit(*p); ++p) 484 last = last * 10 + *p - '0'; 485 if (first > last || *p != '/') 486 return -1; 487 for (len = 0, ++p; *p && isdigit(*p); ++p) 488 len = len * 10 + *p - '0'; 489 if (len < last - first + 1) 490 return -1; 491 DEBUG(fprintf(stderr, "content range: [\033[1m%d-%d/%d\033[m]\n", 492 first, last, len)); 493 *offset = first; 494 *length = last - first + 1; 495 *size = len; 496 return 0; 497 } 498 499 500 /***************************************************************************** 501 * Helper functions for authorization 502 */ 503 504 /* 505 * Base64 encoding 506 */ 507 static char * 508 _http_base64(char *src) 509 { 510 static const char base64[] = 511 "ABCDEFGHIJKLMNOPQRSTUVWXYZ" 512 "abcdefghijklmnopqrstuvwxyz" 513 "0123456789+/"; 514 char *str, *dst; 515 size_t l; 516 int t, r; 517 518 l = strlen(src); 519 if ((str = malloc(((l + 2) / 3) * 4)) == NULL) 520 return NULL; 521 dst = str; 522 r = 0; 523 524 while (l >= 3) { 525 t = (src[0] << 16) | (src[1] << 8) | src[2]; 526 dst[0] = base64[(t >> 18) & 0x3f]; 527 dst[1] = base64[(t >> 12) & 0x3f]; 528 dst[2] = base64[(t >> 6) & 0x3f]; 529 dst[3] = base64[(t >> 0) & 0x3f]; 530 src += 3; l -= 3; 531 dst += 4; r += 4; 532 } 533 534 switch (l) { 535 case 2: 536 t = (src[0] << 16) | (src[1] << 8); 537 dst[0] = base64[(t >> 18) & 0x3f]; 538 dst[1] = base64[(t >> 12) & 0x3f]; 539 dst[2] = base64[(t >> 6) & 0x3f]; 540 dst[3] = '='; 541 dst += 4; 542 r += 4; 543 break; 544 case 1: 545 t = src[0] << 16; 546 dst[0] = base64[(t >> 18) & 0x3f]; 547 dst[1] = base64[(t >> 12) & 0x3f]; 548 dst[2] = dst[3] = '='; 549 dst += 4; 550 r += 4; 551 break; 552 case 0: 553 break; 554 } 555 556 *dst = 0; 557 return str; 558 } 559 560 /* 561 * Encode username and password 562 */ 563 static int 564 _http_basic_auth(int fd, const char *hdr, const char *usr, const char *pwd) 565 { 566 char *upw, *auth; 567 int r; 568 569 DEBUG(fprintf(stderr, "usr: [\033[1m%s\033[m]\n", usr)); 570 DEBUG(fprintf(stderr, "pwd: [\033[1m%s\033[m]\n", pwd)); 571 if (asprintf(&upw, "%s:%s", usr, pwd) == -1) 572 return -1; 573 auth = _http_base64(upw); 574 free(upw); 575 if (auth == NULL) 576 return -1; 577 r = _http_cmd(fd, "%s: Basic %s", hdr, auth); 578 free(auth); 579 return r; 580 } 581 582 /* 583 * Send an authorization header 584 */ 585 static int 586 _http_authorize(int fd, const char *hdr, const char *p) 587 { 588 /* basic authorization */ 589 if (strncasecmp(p, "basic:", 6) == 0) { 590 char *user, *pwd, *str; 591 int r; 592 593 /* skip realm */ 594 for (p += 6; *p && *p != ':'; ++p) 595 /* nothing */ ; 596 if (!*p || strchr(++p, ':') == NULL) 597 return -1; 598 if ((str = strdup(p)) == NULL) 599 return -1; /* XXX */ 600 user = str; 601 pwd = strchr(str, ':'); 602 *pwd++ = '\0'; 603 r = _http_basic_auth(fd, hdr, user, pwd); 604 free(str); 605 return r; 606 } 607 return -1; 608 } 609 610 611 /***************************************************************************** 612 * Helper functions for connecting to a server or proxy 613 */ 614 615 /* 616 * Connect to the correct HTTP server or proxy. 617 */ 618 static int 619 _http_connect(struct url *URL, struct url *purl, const char *flags) 620 { 621 int verbose; 622 int af, fd; 623 624 #ifdef INET6 625 af = AF_UNSPEC; 626 #else 627 af = AF_INET; 628 #endif 629 630 verbose = CHECK_FLAG('v'); 631 if (CHECK_FLAG('4')) 632 af = AF_INET; 633 #ifdef INET6 634 else if (CHECK_FLAG('6')) 635 af = AF_INET6; 636 #endif 637 638 if (purl) { 639 URL = purl; 640 } else if (strcasecmp(URL->scheme, SCHEME_FTP) == 0) { 641 /* can't talk http to an ftp server */ 642 /* XXX should set an error code */ 643 return -1; 644 } 645 646 if ((fd = _fetch_connect(URL->host, URL->port, af, verbose)) == -1) 647 /* _fetch_connect() has already set an error code */ 648 return -1; 649 return fd; 650 } 651 652 static struct url * 653 _http_get_proxy(void) 654 { 655 struct url *purl; 656 char *p; 657 658 if (((p = getenv("HTTP_PROXY")) || (p = getenv("http_proxy"))) && 659 (purl = fetchParseURL(p))) { 660 if (!*purl->scheme) 661 strcpy(purl->scheme, SCHEME_HTTP); 662 if (!purl->port) 663 purl->port = _fetch_default_proxy_port(purl->scheme); 664 if (strcasecmp(purl->scheme, SCHEME_HTTP) == 0) 665 return purl; 666 fetchFreeURL(purl); 667 } 668 return NULL; 669 } 670 671 672 /***************************************************************************** 673 * Core 674 */ 675 676 /* 677 * Send a request and process the reply 678 */ 679 FILE * 680 _http_request(struct url *URL, const char *op, struct url_stat *us, 681 struct url *purl, const char *flags) 682 { 683 struct url *url, *new; 684 int chunked, direct, need_auth, noredirect, verbose; 685 int code, fd, i, n; 686 off_t offset, clength, length, size; 687 time_t mtime; 688 const char *p; 689 FILE *f; 690 hdr h; 691 char *host; 692 #ifdef INET6 693 char hbuf[MAXHOSTNAMELEN + 1]; 694 #endif 695 696 direct = CHECK_FLAG('d'); 697 noredirect = CHECK_FLAG('A'); 698 verbose = CHECK_FLAG('v'); 699 700 if (direct && purl) { 701 fetchFreeURL(purl); 702 purl = NULL; 703 } 704 705 /* try the provided URL first */ 706 url = URL; 707 708 /* if the A flag is set, we only get one try */ 709 n = noredirect ? 1 : MAX_REDIRECT; 710 i = 0; 711 712 need_auth = 0; 713 do { 714 new = NULL; 715 chunked = 0; 716 offset = 0; 717 clength = -1; 718 length = -1; 719 size = -1; 720 mtime = 0; 721 722 /* check port */ 723 if (!url->port) 724 url->port = _fetch_default_port(url->scheme); 725 726 /* connect to server or proxy */ 727 if ((fd = _http_connect(url, purl, flags)) == -1) 728 goto ouch; 729 730 host = url->host; 731 #ifdef INET6 732 if (strchr(url->host, ':')) { 733 snprintf(hbuf, sizeof(hbuf), "[%s]", url->host); 734 host = hbuf; 735 } 736 #endif 737 738 /* send request */ 739 if (verbose) 740 _fetch_info("requesting %s://%s:%d%s", 741 url->scheme, host, url->port, url->doc); 742 if (purl) { 743 _http_cmd(fd, "%s %s://%s:%d%s HTTP/1.1", 744 op, url->scheme, host, url->port, url->doc); 745 } else { 746 _http_cmd(fd, "%s %s HTTP/1.1", 747 op, url->doc); 748 } 749 750 /* virtual host */ 751 if (url->port == _fetch_default_port(url->scheme)) 752 _http_cmd(fd, "Host: %s", host); 753 else 754 _http_cmd(fd, "Host: %s:%d", host, url->port); 755 756 /* proxy authorization */ 757 if (purl) { 758 if (*purl->user || *purl->pwd) 759 _http_basic_auth(fd, "Proxy-Authorization", 760 purl->user, purl->pwd); 761 else if ((p = getenv("HTTP_PROXY_AUTH")) != NULL && *p != '\0') 762 _http_authorize(fd, "Proxy-Authorization", p); 763 } 764 765 /* server authorization */ 766 if (need_auth || *url->user || *url->pwd) { 767 if (*url->user || *url->pwd) 768 _http_basic_auth(fd, "Authorization", url->user, url->pwd); 769 else if ((p = getenv("HTTP_AUTH")) != NULL && *p != '\0') 770 _http_authorize(fd, "Authorization", p); 771 else if (fetchAuthMethod && fetchAuthMethod(url) == 0) { 772 _http_basic_auth(fd, "Authorization", url->user, url->pwd); 773 } else { 774 _http_seterr(HTTP_NEED_AUTH); 775 goto ouch; 776 } 777 } 778 779 /* other headers */ 780 if ((p = getenv("HTTP_USER_AGENT")) != NULL && *p != '\0') 781 _http_cmd(fd, "User-Agent: %s", p); 782 else 783 _http_cmd(fd, "User-Agent: %s " _LIBFETCH_VER, __progname); 784 if (url->offset) 785 _http_cmd(fd, "Range: bytes=%lld-", url->offset); 786 _http_cmd(fd, "Connection: close"); 787 _http_cmd(fd, ""); 788 789 /* get reply */ 790 switch ((code = _http_get_reply(fd))) { 791 case HTTP_OK: 792 case HTTP_PARTIAL: 793 /* fine */ 794 break; 795 case HTTP_MOVED_PERM: 796 case HTTP_MOVED_TEMP: 797 /* 798 * Not so fine, but we still have to read the headers to 799 * get the new location. 800 */ 801 break; 802 case HTTP_NEED_AUTH: 803 if (need_auth) { 804 /* 805 * We already sent out authorization code, so there's 806 * nothing more we can do. 807 */ 808 _http_seterr(code); 809 goto ouch; 810 } 811 /* try again, but send the password this time */ 812 if (verbose) 813 _fetch_info("server requires authorization"); 814 break; 815 case HTTP_NEED_PROXY_AUTH: 816 /* 817 * If we're talking to a proxy, we already sent our proxy 818 * authorization code, so there's nothing more we can do. 819 */ 820 _http_seterr(code); 821 goto ouch; 822 case HTTP_PROTOCOL_ERROR: 823 /* fall through */ 824 case -1: 825 _fetch_syserr(); 826 goto ouch; 827 default: 828 _http_seterr(code); 829 goto ouch; 830 } 831 832 /* get headers */ 833 do { 834 switch ((h = _http_next_header(fd, &p))) { 835 case hdr_syserror: 836 _fetch_syserr(); 837 goto ouch; 838 case hdr_error: 839 _http_seterr(HTTP_PROTOCOL_ERROR); 840 goto ouch; 841 case hdr_content_length: 842 _http_parse_length(p, &clength); 843 break; 844 case hdr_content_range: 845 _http_parse_range(p, &offset, &length, &size); 846 break; 847 case hdr_last_modified: 848 _http_parse_mtime(p, &mtime); 849 break; 850 case hdr_location: 851 if (!HTTP_REDIRECT(code)) 852 break; 853 if (new) 854 free(new); 855 if (verbose) 856 _fetch_info("%d redirect to %s", code, p); 857 if (*p == '/') 858 /* absolute path */ 859 new = fetchMakeURL(url->scheme, url->host, url->port, p, 860 url->user, url->pwd); 861 else 862 new = fetchParseURL(p); 863 if (new == NULL) { 864 /* XXX should set an error code */ 865 DEBUG(fprintf(stderr, "failed to parse new URL\n")); 866 goto ouch; 867 } 868 if (!*new->user && !*new->pwd) { 869 strcpy(new->user, url->user); 870 strcpy(new->pwd, url->pwd); 871 } 872 new->offset = url->offset; 873 new->length = url->length; 874 break; 875 case hdr_transfer_encoding: 876 /* XXX weak test*/ 877 chunked = (strcasecmp(p, "chunked") == 0); 878 break; 879 case hdr_www_authenticate: 880 if (code != HTTP_NEED_AUTH) 881 break; 882 /* if we were smarter, we'd check the method and realm */ 883 break; 884 case hdr_end: 885 /* fall through */ 886 case hdr_unknown: 887 /* ignore */ 888 break; 889 } 890 } while (h > hdr_end); 891 892 /* we have a hit */ 893 if (code == HTTP_OK || code == HTTP_PARTIAL) 894 break; 895 896 /* we need to provide authentication */ 897 if (code == HTTP_NEED_AUTH) { 898 need_auth = 1; 899 close(fd); 900 fd = -1; 901 continue; 902 } 903 904 /* all other cases: we got a redirect */ 905 need_auth = 0; 906 close(fd); 907 fd = -1; 908 if (!new) { 909 DEBUG(fprintf(stderr, "redirect with no new location\n")); 910 break; 911 } 912 if (url != URL) 913 fetchFreeURL(url); 914 url = new; 915 } while (++i < n); 916 917 /* we failed, or ran out of retries */ 918 if (fd == -1) { 919 _http_seterr(code); 920 goto ouch; 921 } 922 923 DEBUG(fprintf(stderr, "offset %lld, length %lld, size %lld, clength %lld\n", 924 offset, length, size, clength)); 925 926 /* check for inconsistencies */ 927 if (clength != -1 && length != -1 && clength != length) { 928 _http_seterr(HTTP_PROTOCOL_ERROR); 929 goto ouch; 930 } 931 if (clength == -1) 932 clength = length; 933 if (clength != -1) 934 length = offset + clength; 935 if (length != -1 && size != -1 && length != size) { 936 _http_seterr(HTTP_PROTOCOL_ERROR); 937 goto ouch; 938 } 939 if (size == -1) 940 size = length; 941 942 /* fill in stats */ 943 if (us) { 944 us->size = size; 945 us->atime = us->mtime = mtime; 946 } 947 948 /* too far? */ 949 if (offset > URL->offset) { 950 _http_seterr(HTTP_PROTOCOL_ERROR); 951 goto ouch; 952 } 953 954 /* report back real offset and size */ 955 URL->offset = offset; 956 URL->length = clength; 957 958 /* wrap it up in a FILE */ 959 if ((f = chunked ? _http_funopen(fd) : fdopen(fd, "r")) == NULL) { 960 _fetch_syserr(); 961 goto ouch; 962 } 963 964 if (url != URL) 965 fetchFreeURL(url); 966 if (purl) 967 fetchFreeURL(purl); 968 969 return f; 970 971 ouch: 972 if (url != URL) 973 fetchFreeURL(url); 974 if (purl) 975 fetchFreeURL(purl); 976 if (fd != -1) 977 close(fd); 978 return NULL; 979 } 980 981 982 /***************************************************************************** 983 * Entry points 984 */ 985 986 /* 987 * Retrieve and stat a file by HTTP 988 */ 989 FILE * 990 fetchXGetHTTP(struct url *URL, struct url_stat *us, const char *flags) 991 { 992 return _http_request(URL, "GET", us, _http_get_proxy(), flags); 993 } 994 995 /* 996 * Retrieve a file by HTTP 997 */ 998 FILE * 999 fetchGetHTTP(struct url *URL, const char *flags) 1000 { 1001 return fetchXGetHTTP(URL, NULL, flags); 1002 } 1003 1004 /* 1005 * Store a file by HTTP 1006 */ 1007 FILE * 1008 fetchPutHTTP(struct url *URL, const char *flags) 1009 { 1010 warnx("fetchPutHTTP(): not implemented"); 1011 return NULL; 1012 } 1013 1014 /* 1015 * Get an HTTP document's metadata 1016 */ 1017 int 1018 fetchStatHTTP(struct url *URL, struct url_stat *us, const char *flags) 1019 { 1020 FILE *f; 1021 1022 if ((f = _http_request(URL, "HEAD", us, _http_get_proxy(), flags)) == NULL) 1023 return -1; 1024 fclose(f); 1025 return 0; 1026 } 1027 1028 /* 1029 * List a directory 1030 */ 1031 struct url_ent * 1032 fetchListHTTP(struct url *url, const char *flags) 1033 { 1034 warnx("fetchListHTTP(): not implemented"); 1035 return NULL; 1036 } 1037